Multiperspective Malware Analysis Page - Daily Malware Binary Digest Summary

Welcome to the Cyber-TA
Daily Malware Binary DIGEST Summary Page

10 October 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Packed
MD5 UnPacket
MD5 Victim
OS AntiVirus
Hit-Cnt First
Encounter Last
Encounter Freq
Cnt Behavioral
Clusters Unpacked
Egg.asm Packer
Fingerprint API
Resolution String
Cnt Syscall
Trace

d2548a0bf5
NEW none[none] WinXP 35 of 36 21:55:15 21:55:15 1 none none:none
none|none none none

53bfe15e91
[Firefox:3025 hits: 06-17 to 10-09]
73f1082158
[Firefox:1486 hits: 06-18 to 10-09] none[4]
73f1082158[1] Win2K-f
WinXP 0 of 32 00:13:51 22:56:55 21 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

22999be88c
[Firefox:36 hits: 04-05 to 10-09] eda2056971 [0] WinXP 31 of 32 18:32:19 22:53:28 2 none ASM:Graph
PolyEnE| 100% lines=154
embedded dns trace

8da9ca8dd8
NEW
954b58386b
NEW none[none]
none [none] WinXP 31 of 36 16:11:01 16:11:01 1 none none:none
none:none
none|none
none|none none
none none
none

bea8cb1865
[Firefox:27 hits: 08-11 to 10-07]
fac78fde16
[Firefox:10 hits: 09-13 to 10-07] none[none]
none [none] Win2K-f 35 of 36 12:20:10 12:20:10 1 none none:none
none:none
none|none
none|none none
none none
none

313f5e1398
NEW none[none] WinXP 35 of 36 04:20:03 04:20:03 1 none none:none
none|none none none

53bfe15e91
[Firefox:3025 hits: 06-17 to 10-09] none[4] Win2K-f
WinXP 33 of 33 00:13:51 23:42:54 36 none none:none
tElock| none trace

37be569696
[Firefox: 2 hits: 09-21 to 09-25] none[none] Win2K-f 33 of 36 01:33:44 01:33:44 1 none none:none
none|none none none

0115338c8b
[Firefox:10 hits: 09-12 to 10-08] none[none] WinXP 33 of 36 17:17:38 17:17:38 1 none none:none
none|none none none

b3caf20c97
NEW none[none] WinXP 35 of 36 10:09:29 10:09:29 1 none none:none
none|none none none

2fc9b5998f
NEW none[none] WinXP 35 of 36 11:40:29 11:40:29 1 none none:none
none|none none none

eb4de67b7a
NEW none[none] WinXP 35 of 36 07:48:31 07:48:31 1 none none:none
none|none none none

53bfe15e91
[Firefox:3025 hits: 06-17 to 10-09]
b7082104e4
[Firefox:188 hits: 06-18 to 10-09] none[4]
none [4] Win2K-f 8 of 33 13:57:33 19:06:50 2 none none:none
none:none
tElock|
tElock| none
none trace
trace

6672dcb81a
[Firefox: 3 hits: 10-04 to 10-09] none[none] WinXP 36 of 36 21:36:14 21:36:14 1 none none:none
none|none none none

03d5bf43b7
NEW none[none] WinXP 19 of 36 10:03:35 10:03:35 1 none none:none
none|none none none

1b7ec6ce60
[Firefox: 7 hits: 09-16 to 10-08] none[none] WinXP 35 of 36 00:49:13 00:49:13 1 none none:none
none|none none none

b4483f9892
NEW none[none] WinXP 34 of 36 10:02:26 10:54:15 2 none none:none
none|none none none

533d15b5ce
[Firefox:31 hits: 06-21 to 10-03] none[4] WinXP 30 of 33 15:33:02 15:33:02 1 none none:none
tElock| none trace

a12cab51ef
[Firefox:569 hits: 01-01 to 10-09] 40f7f463c4 [0] WinXP 29 of 29 06:43:08 18:45:00 2 none ASM:Graph
ASPack| 54% lines=281
embedded dns trace

b52d214d08
NEW none[none] WinXP 35 of 36 03:58:24 03:58:24 1 none none:none
none|none none none

3325b2a067
NEW none[none] WinXP 35 of 36 11:07:38 11:07:38 1 none none:none
none|none none none

03f912899b
[Firefox:161 hits: 01-08 to 10-09] 83893bd25d [0] WinXP 32 of 32 11:12:11 11:12:11 1 none ASM:Graph
none|none 100% lines=65 trace

1ab4d3d7b6
[Firefox:11 hits: 04-10 to 05-18] cc366b3f6c [0] WinXP 29 of 32 12:24:13 12:24:13 1 none ASM:Graph
none|none 54% lines=287
embedded dns trace

571e381ed4
[Firefox:11 hits: 09-14 to 09-28] none[none] WinXP 35 of 36 21:18:15 21:18:15 1 none none:none
none|none none none

4c3df24b32
[Firefox:217 hits: 06-17 to 10-09] 4c3df24b32 [1] Win2K-f 0 of 33 09:34:35 09:34:35 1 none ASM:Graph
Armadillo| 47% lines=81 trace

741e3b03b3
[Firefox:456 hits: 01-05 to 10-09] e0197e8a64 [0] WinXP 31 of 32 20:12:58 20:12:58 1 none ASM:Graph
none|none 100% lines=62 trace

79d7bedf4d
NEW none[none] WinXP 36 of 36 06:08:35 06:08:55 2 none none:none
none|none none none

2d6c8c447f
[Firefox:12 hits: 09-16 to 10-08] none[none] WinXP 36 of 36 16:50:21 21:05:06 2 none none:none
none|none none none

831f4ee0a7
[Firefox:597 hits: 01-01 to 10-09] eb7546c600 [0] WinXP 29 of 29 19:39:25 19:39:25 1 none ASM:Graph
none|none 100% lines=61 trace

bea8cb1865
[Firefox:27 hits: 08-11 to 10-07] none[none] WinXP
Win2K-f 32 of 36 11:18:40 12:20:10 2 none none:none
none|none none none

533d15b5ce
[Firefox:31 hits: 06-21 to 10-03]
58c343a8d8
[Firefox:35 hits: 06-21 to 10-08] none[4]
58c343a8d8[1] WinXP 28 of 33 15:33:02 15:33:02 1 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=82 trace
trace

eec7cce07c
[Firefox:10 hits: 08-15 to 10-07] none[none] WinXP 29 of 29 16:11:55 16:11:55 1 none none:none
none|none none none

039e3fa376
[Firefox: 8 hits: 07-24 to 09-30]
76f2c59ef8
[Firefox: 8 hits: 07-24 to 09-30] none[none]
none [none] WinXP 31 of 35 15:54:40 15:54:40 1 none none:none
none:none
none|none
none|none none
none none
none

e31e5c8933
NEW none[none] WinXP 34 of 36 22:25:19 22:25:19 1 none none:none
none|none none none

53bfe15e91
[Firefox:3025 hits: 06-17 to 10-09]
73f1082158
[Firefox:1486 hits: 06-18 to 10-09]
b5919931fe
[Firefox:808 hits: 06-20 to 10-09] none[4]
73f1082158[1]
b5919931fe[1] Win2K-f 0 of 32 00:13:51 21:15:28 11 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| 48% none
lines=81
lines=90 trace
trace
trace

0115338c8b
[Firefox:10 hits: 09-12 to 10-08]
321f4fc27d
[Firefox:10 hits: 09-12 to 10-08] none[none]
none [none] WinXP 31 of 36 17:17:38 17:17:38 1 none none:none
none:none
none|none
none|none none
none none
none

8da9ca8dd8
NEW none[none] WinXP 33 of 36 16:11:01 16:11:01 1 none none:none
none|none none none

57ce4acac2
[Firefox:252 hits: 06-17 to 10-09] 57ce4acac2 [1] WinXP
Win2K-f 0 of 33 13:37:54 23:01:56 5 none ASM:Graph
Armadillo| 47% lines=81 trace

039e3fa376
[Firefox: 8 hits: 07-24 to 09-30] none[none] WinXP 33 of 35 15:54:40 15:54:40 1 none none:none
none|none none none

1a2c0e6130
[Firefox:459 hits: 12-31 to 10-09] 048df78048 [0] WinXP 29 of 29 09:04:48 14:28:48 2 none ASM:Graph
none|none 100% lines=61 trace

53bfe15e91
[Firefox:3025 hits: 06-17 to 10-09]
a08f3b74a4
[Firefox:1076 hits: 06-18 to 10-09] none[4]
a08f3b74a4[1] WinXP
Win2K-f 0 of 33 06:07:03 23:42:54 8 none none:none
ASM:Graph
tElock|
Armadillo| 47% none
lines=81 trace
trace

b8477d9f14
[Firefox: 5 hits: 04-12 to 04-18] ddf419f9fb [0] WinXP 30 of 32 16:25:12 16:25:12 1 none ASM:Graph
PolyEnE| 99% lines=69 trace

31ed6e606c
NEW none[none] WinXP 35 of 36 11:38:21 11:38:21 1 none none:none
none|none none none

a0139d7ad8
[Firefox:154 hits: 01-03 to 10-09] d9e9662db1 [0] WinXP 29 of 29 08:25:25 18:50:01 3 none ASM:Graph
PolyEnE| 99% lines=68 trace

98e59b9e40
NEW none[none] WinXP 33 of 36 10:43:11 12:33:16 2 none none:none
none|none none none

a84ffdf670
[Firefox:15 hits: 09-14 to 10-06] none[none] WinXP 36 of 36 13:06:55 13:07:00 2 none none:none
none|none none none

f3bfb92b73
NEW none[none] WinXP 35 of 36 05:00:38 05:00:38 1 none none:none
none|none none none

f1d556bf4b
[Firefox: 3 hits: 10-05 to 10-05] none[none] WinXP 33 of 36 08:39:14 08:39:14 1 none none:none
none|none none none

98e59b9e40
NEW
ed997367c3
NEW none[none]
none [none] WinXP 35 of 36 10:43:11 12:33:16 2 none none:none
none:none
none|none
none|none none
none none
none

37be569696
[Firefox: 2 hits: 09-21 to 09-25]
b2fa7ba3a5
[Firefox: 2 hits: 09-21 to 09-25] none[none]
none [none] Win2K-f 34 of 36 01:33:44 01:33:44 1 none none:none
none:none
none|none
none|none none
none none
none

3373948767
[Firefox:31 hits: 07-03 to 10-08]
b5919931fe
[Firefox:808 hits: 06-20 to 10-09]
c73f738c30
[Firefox:31 hits: 07-03 to 10-08] none[none]
b5919931fe[1]
none [none] Win2K-f 29 of 33 19:32:56 19:32:56 1 none none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none none
lines=90
none none
trace
none

07fabc79ef
[Firefox:20 hits: 06-19 to 10-04] 07fabc79ef [1] Win2K-f 0 of 32 17:51:11 17:51:11 1 none ASM:Graph
Armadillo| 47% lines=81 trace

372f785b1b
NEW none[none] Win2K-f 33 of 36 02:09:31 02:09:31 1 none none:none
none|none none none

986b59708d
[Firefox:96 hits: 01-14 to 10-08] 8a00217866 [0] WinXP 29 of 29 01:56:52 17:39:23 4 none ASM:Graph
PolyEnE| 100% lines=57 trace

c05385e600
[Firefox:21 hits: 01-20 to 10-05] 6a383b021d [0] WinXP 29 of 29 08:20:17 18:37:59 2 none ASM:Graph
PolyEnE| 99% lines=68 trace

1a8dccb1b8
NEW none[none] WinXP 35 of 36 08:04:01 08:04:01 1 none none:none
none|none none none

f9e03b93bc
[Firefox: 2 hits: 10-09 to 10-09] none[none] WinXP 35 of 36 16:12:43 16:12:43 1 none none:none
none|none none none

53bfe15e91
[Firefox:3025 hits: 06-17 to 10-09]
a08f3b74a4
[Firefox:1076 hits: 06-18 to 10-09]
e07c29c4ae
[Firefox:597 hits: 06-19 to 10-09] none[4]
a08f3b74a4[1]
e07c29c4ae[1] WinXP 0 of 33 09:53:21 23:42:54 11 none none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG| 48% none
lines=81
lines=92 trace
trace
trace

ca47a36342
[Firefox:16 hits: 02-16 to 10-08] c3a58f69c6 [0] WinXP 26 of 28 10:41:26 10:41:26 1 none ASM:Graph
PolyEnE| 100% lines=89
embedded dns trace

e69e23fa76
NEW none[none] WinXP 34 of 36 06:50:42 06:50:42 1 none none:none
none|none none none

0f99623be1
[Firefox: 5 hits: 09-22 to 09-29] none[none] WinXP 0 of 0 00:05:55 00:05:55 1 none none:none
none|none none none

a246707e86
NEW none[none] WinXP 34 of 36 14:58:01 14:58:01 1 none none:none
none|none none none

0b09052fb7
[Firefox: 3 hits: 09-12 to 10-08]
d8cf9fc784
[Firefox: 3 hits: 09-12 to 10-08] none[none]
none [none] Win2K-f
WinXP 34 of 36 04:48:39 17:58:47 3 none none:none
none:none
none|none
none|none none
none none
none

49d6cdaab4
[Firefox: 8 hits: 09-13 to 10-08] none[none] WinXP 34 of 36 14:53:18 14:53:18 1 none none:none
none|none none none

821f57b5c5
NEW none[none] WinXP 35 of 36 20:28:39 20:28:39 1 none none:none
none|none none none

03d5bf43b7
NEW
99bfd6101e
NEW none[none]
none [none] WinXP 36 of 36 10:03:35 10:03:35 1 none none:none
none:none
none|none
none|none none
none none
none

372f785b1b
NEW
bd1e145278
NEW none[none]
none [none] Win2K-f 31 of 35 02:09:31 02:09:31 1 none none:none
none:none
none|none
none|none none
none none
none

be4acd70a6
NEW none[none] WinXP 32 of 36 16:28:13 16:28:13 1 none none:none
none|none none none

7f60162c2c
[Firefox:718 hits: 12-31 to 10-09] 1aad8e4632 [0] WinXP 25 of 25 07:37:36 19:19:34 7 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

776985f561
[Firefox:18 hits: 06-24 to 10-09] 776985f561 [1] WinXP 31 of 33 21:42:46 21:42:46 1 none ASM:Graph
Armadillo| 47% lines=82 trace

321052074e
[Firefox:16 hits: 02-23 to 10-07] 1a587de3ca [0] WinXP 31 of 32 11:58:15 11:58:15 1 none ASM:Graph
PolyEnE| 100% lines=93
embedded dns trace

89a4bbb636
NEW none[none] WinXP 34 of 36 14:15:59 14:15:59 1 none none:none
none|none none none

a2d4fbad48
[Firefox: 2 hits: 10-09 to 10-09] none[none] WinXP 35 of 36 13:04:11 22:32:02 3 none none:none
none|none none none

28c2fc086f
NEW none[none] WinXP 35 of 36 22:19:39 22:19:39 1 none none:none
none|none none none

3373948767
[Firefox:31 hits: 07-03 to 10-08] none[none] Win2K-f 30 of 33 19:32:56 19:32:56 1 none none:none
none|none none none

f9d832dfd2
[Firefox: 3 hits: 09-22 to 10-06] none[none] WinXP 0 of 0 07:35:23 07:35:23 1 none none:none
none|none none none

0b09052fb7
[Firefox: 3 hits: 09-12 to 10-08] none[none] Win2K-f
WinXP 34 of 36 04:48:39 17:58:47 3 none none:none
none|none none none

73d46aecd2
NEW none[none] WinXP 35 of 36 12:08:56 12:08:56 1 none none:none
none|none none none

7d99b0e910
[Firefox:1293 hits: 12-31 to 10-09] 7a70e1b592 [0] WinXP 26 of 28 03:47:42 22:22:26 13 none ASM:Graph
PolyEnE| 99% lines=68 trace

8d858316eb
NEW none[none] WinXP 35 of 36 09:26:19 09:26:19 1 none none:none
none|none none none

7e8bfa9b49
[Firefox:11 hits: 10-01 to 10-09] none[none] WinXP 35 of 36 06:32:44 07:39:41 2 none none:none
none|none none none

776985f561
[Firefox:18 hits: 06-24 to 10-09]
8ec6129efe
[Firefox:17 hits: 06-24 to 10-09] 776985f561 [1]
none [4] WinXP 31 of 33 21:42:46 21:42:46 1 none ASM:Graph
none:none
Armadillo|
tElock| lines=82
none trace
trace

87bf2f533f
[Firefox: 2 hits: 10-02 to 10-08] none[none] WinXP 35 of 36 10:43:14 22:42:45 2 none none:none
none|none none none

b27d73bfcb
NEW none[none] WinXP 35 of 36 23:49:15 23:49:15 1 none none:none
none|none none none

0e40342969
NEW none[none] WinXP 34 of 36 06:32:25 06:32:25 1 none none:none
none|none none none

ab5e47bf8d
[Firefox:46 hits: 01-02 to 10-09] none[3] WinXP 29 of 29 01:22:54 01:22:54 1 none none:none
ASPack| none trace

d9a4f2f314
[Firefox: 6 hits: 09-29 to 10-06] none[none] WinXP 35 of 36 11:13:28 11:13:28 1 none none:none
none|none none none

cdf8cd94a9
[Firefox:20 hits: 09-14 to 10-05] none[none] WinXP 35 of 36 11:51:38 11:51:38 1 none none:none
none|none none none

e98a5fa83f
[Firefox: 2 hits: 10-03 to 10-05] none[none] WinXP 36 of 36 10:21:10 10:21:10 1 none none:none
none|none none none

be4acd70a6
NEW
dae5a2e726
NEW none[none]
none [none] WinXP 34 of 36 16:28:13 16:28:13 1 none none:none
none:none
none|none
none|none none
none none
none

430b442da3
NEW none[none] WinXP 35 of 36 11:18:40 11:18:40 1 none none:none
none|none none none